A polynomial only evenly divisible by itself and 1. The polynomial analogy to integer primes. Often used to generate a residue class field for polynomial operations.
A polynomial form of the ever-popular "Sieve of Eratosthenes" can be used to build a table of irreducibles through degree 16. That table can then be used to check any potential irreducible through degree 32. While slow, this can be a simple, clear validation of other techniques.
Also see primitive polynomial.
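The sieve-then-trial-division procedure just described, as an added example that is not part of the glossary. Polynomials over GF(2) are packed into Python ints (bit i is the coefficient of x^i), the table is sieved through a chosen degree k, and any candidate through degree 2k is then checked by dividing it by the table entries of degree at most half its own. The degrees used in the demo (4 and 8) are this example's choice; the functions accept the 16/32 split the entry mentions.

```python
# Added example, not from the glossary: a polynomial "Sieve of Eratosthenes"
# over GF(2). A polynomial is packed into a Python int with bit i holding the
# coefficient of x^i, so x^8 + x^4 + x^3 + x + 1 is 0b1_0001_1011 = 0x11B.

def degree(p: int) -> int:
    """Degree of a GF(2) polynomial held in an int (-1 for the zero polynomial)."""
    return p.bit_length() - 1

def poly_mul(a: int, b: int) -> int:
    """Carry-less product over GF(2): partial products are combined with XOR."""
    r = 0
    while b:
        if b & 1:
            r ^= a
        a <<= 1
        b >>= 1
    return r

def poly_mod(a: int, m: int) -> int:
    """Remainder of a divided by m over GF(2) (long division with XOR)."""
    dm = degree(m)
    while a and degree(a) >= dm:
        a ^= m << (degree(a) - dm)
    return a

def irreducibles_through(max_degree: int) -> list:
    """Sieve every polynomial of degree 1..max_degree: a survivor is one that is
    not a multiple of any smaller survivor, hence irreducible. The result is in
    increasing int order, which is also non-decreasing degree order."""
    limit = 1 << (max_degree + 1)              # all polynomials of degree <= max_degree
    composite = bytearray(limit)
    table = []
    for p in range(2, limit):                  # 2 is the polynomial x
        if composite[p]:
            continue
        table.append(p)
        # Cross off p * q for every q of degree >= 1 with deg(p) + deg(q) <= max_degree.
        for q in range(2, 1 << (max_degree - degree(p) + 1)):
            composite[poly_mul(p, q)] = 1
    return table

def is_irreducible(candidate: int, table: list) -> bool:
    """Trial division: a polynomial of degree d is irreducible iff no irreducible
    of degree <= d/2 divides it, so a table through degree k covers degree 2k."""
    d = degree(candidate)
    if d < 1:
        return False
    table_degree = degree(table[-1])
    if d > 2 * table_degree:
        raise ValueError(f"table only validates candidates through degree {2 * table_degree}")
    for q in table:
        if degree(q) > d // 2:
            break                              # table is in degree order; nothing larger is needed
        if poly_mod(candidate, q) == 0:
            return False
    return True

def count_by_degree(table: list) -> dict:
    """How many irreducibles the sieve found at each degree."""
    counts = {}
    for p in table:
        counts[degree(p)] = counts.get(degree(p), 0) + 1
    return counts

if __name__ == "__main__":
    small = irreducibles_through(4)
    print("irreducibles through degree 4:", [bin(p) for p in small])
    print("x^8 + x^4 + x^3 + x + 1 irreducible?", is_irreducible(0x11B, small))
    print("x^8 + 1 irreducible?", is_irreducible(0x101, small))
```

A table through degree 4 validates any degree-8 candidate, and there are 30 irreducibles of degree 8 over GF(2); 0x11B (the polynomial used by AES) is one of them, while x^8 + 1 = (x + 1)^8 is not.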
IV
"Initial value," "initializing value" or "initialization vector." An external value needed to start off cipher operations. Most often associated with CBC mode.
An IV often can be seen as a design-specific form of message key. Sometimes, iterative ciphering under different IV values can provide sufficient keying to perform the message key function.
Generally, an IV must accompany the ciphertext, and so always expands the ciphertext by the size of the IV.
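CBC mode with the IV carried in front of the ciphertext, as an added example that is not from the glossary: the same message under two IVs gives two different ciphertexts (the message key effect), and the receiver needs the IV, so the output is always one block longer than the padded message. The block transformation here is a stand-in chosen so the example runs on the standard library alone: a four-round Feistel network whose round function is HMAC-SHA256 (a Luby-Rackoff style construction), not a vetted cipher.

```python
# Added example, not from the glossary: CBC mode with an explicit IV prepended to
# the ciphertext. block_encrypt/block_decrypt are a stand-in 16-byte block
# transformation (HMAC-SHA256 Feistel network), not a real cipher.
import hashlib
import hmac
import os

BLOCK = 16
ROUNDS = 4

def _xor(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))

def _round(key: bytes, i: int, half: bytes) -> bytes:
    """Round function: 8-byte keyed digest of (round index, one half of the block)."""
    return hmac.new(key, bytes([i]) + half, hashlib.sha256).digest()[:8]

def block_encrypt(key: bytes, block: bytes) -> bytes:
    left, right = block[:8], block[8:]
    for i in range(ROUNDS):
        left, right = right, _xor(left, _round(key, i, right))
    return left + right

def block_decrypt(key: bytes, block: bytes) -> bytes:
    left, right = block[:8], block[8:]
    for i in reversed(range(ROUNDS)):          # undo the rounds in reverse order
        left, right = _xor(right, _round(key, i, left)), left
    return left + right

def pad(msg: bytes) -> bytes:
    """PKCS#7: always append 1..16 bytes so that unpadding is unambiguous."""
    n = BLOCK - len(msg) % BLOCK
    return msg + bytes([n]) * n

def unpad(msg: bytes) -> bytes:
    n = msg[-1]
    if not 1 <= n <= BLOCK or msg[-n:] != bytes([n]) * n:
        raise ValueError("bad padding")
    return msg[:-n]

def cbc_encrypt(key: bytes, msg: bytes, iv: bytes = None) -> bytes:
    """Return iv || ciphertext. The IV must travel with the ciphertext, so the
    result is always BLOCK bytes longer than the padded message."""
    iv = os.urandom(BLOCK) if iv is None else iv
    if len(iv) != BLOCK:
        raise ValueError("IV must be exactly one block")
    padded = pad(msg)
    prev, out = iv, []
    for i in range(0, len(padded), BLOCK):
        prev = block_encrypt(key, _xor(padded[i:i + BLOCK], prev))   # chain: IV, then previous ciphertext block
        out.append(prev)
    return iv + b"".join(out)

def cbc_decrypt(key: bytes, data: bytes) -> bytes:
    """Split off the IV, then invert the chaining block by block."""
    iv, body = data[:BLOCK], data[BLOCK:]
    if len(body) == 0 or len(body) % BLOCK:
        raise ValueError("ciphertext is not a whole number of blocks")
    prev, out = iv, []
    for i in range(0, len(body), BLOCK):
        block = body[i:i + BLOCK]
        out.append(_xor(block_decrypt(key, block), prev))
        prev = block
    return unpad(b"".join(out))
```

Calling cbc_encrypt without an IV draws a fresh random one, which is the normal use; the fixed IVs in the test exist only to show that the IV alone changes the ciphertext.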
Jitterizer
A particular cryptographic mechanism intended to complicate the sequence produced by a linear random number generator by deleting elements from the sequence at pseudo-random.
The name is taken from the use of an oscilloscope on digital circuits, where a signal which is not "in sync" is said to "jitter." Mechanisms designed to restore synchronization are called "synchronizers," so mechanisms designed to cause jitter can legitimately be called "jitterizers."
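A minimal jitterizer over a linear congruential generator, as an added example that is not the glossary's own design: after each element is emitted, a control value decides how many of the following raw elements are deleted, so the output is a pseudo-randomly thinned subsequence of the linear sequence. The LCG constants, the use of a second LCG as the control source, and the skip rule are all this example's choices.

```python
# Added example, not from the glossary: a linear congruential generator and a
# jitterizer that deletes elements from its output at pseudo-random.

def lcg(seed: int, a: int = 1664525, c: int = 1013904223, m: int = 2 ** 32):
    """Linear random number generator: x <- (a*x + c) mod m, yielded forever."""
    x = seed % m
    while True:
        x = (a * x + c) % m
        yield x

def jitterize(raw, control, max_skip: int = 3):
    """Emit one element of `raw`, then delete the next `skip` raw elements, where
    skip comes from the low bits of a value drawn from `control`. max_skip must
    be of the form 2**k - 1 so that masking yields every value 0..max_skip."""
    for value in raw:
        yield value
        skip = next(control) & max_skip
        for _ in range(skip):
            next(raw)                          # deleted: never leaves the jitterizer

def take(n: int, it) -> list:
    return [next(it) for _ in range(n)]

def is_subsequence(sub: list, full: list) -> bool:
    """True if `sub` is obtained from `full` by deleting elements (order kept)."""
    pos = 0
    for item in sub:
        while pos < len(full) and full[pos] != item:
            pos += 1
        if pos == len(full):
            return False
        pos += 1
    return True

def demo(seed: int = 1, control_seed: int = 2, n: int = 40) -> dict:
    """Compare the raw LCG output with the jitterized stream from the same seed."""
    raw = take(n * 4, lcg(seed))               # worst case n + (n-1)*3 raw elements are consumed
    jittered = take(n, jitterize(lcg(seed), lcg(control_seed)))
    return {"raw": raw, "jittered": jittered,
            "is_subsequence": is_subsequence(jittered, raw),
            "identical_prefix": jittered == raw[:n]}

if __name__ == "__main__":
    result = demo()
    print("raw      :", result["raw"][:8])
    print("jittered :", result["jittered"][:8])
    print("subsequence of raw:", result["is_subsequence"])
```

The jitterizer changes which elements appear and where, not the elements themselves: every output value is still an LCG output, which is why the entry describes it as complicating the sequence rather than replacing the generator.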
KB
Kilobyte. 2^10 or 1024 bytes.
Kb
Kilobit. 2^10 or 1024 bits.
Kerckhoff's Requirements
General cryptosystem requirements formulated in 1883 (from the Handbook of Applied Cryptography):
1. The system should be, if not theoretically unbreakable, unbreakable in practice. (Of course there are no realized systems which are "theoretically unbreakable," but there is also little point in using a known breakable cipher.)
2. Compromise of the system details should not inconvenience the correspondents. (Nowadays we generally assume that the Opponent will have full details of the cipher, since, for a cipher to be widely used, it must be present at many locations and is therefore likely to be exposed. We also assume that the Opponent will have some amount of known-plaintext to work with.)
3. The key should be rememberable without notes and easily changed. (This is still an issue. Hashing allows us to use long language phrases, but the best approach may someday be to have both a hardware key card and a key phrase.)
4. The cryptogram should be transmissible by telegraph. (This is not very important nowadays, since even binary ciphertext can be converted into ASCII for transmission if necessary.)
5. The encryption apparatus should be portable and operable by a single person. (Software encryption approaches this ideal.)
6. The system should be easy, requiring neither the knowledge of a long list of rules nor mental strain. (Software encryption has the potential to approach this, but often fails to do so. We might think of the need to certify public keys, which is still often left up to the user, and thus often does not occur.)
Key
The general concept of protecting things with a "lock," thus making those things available only if one has the correct "key." In a cipher, the ability to select a particular transformation between a plaintext message and a corresponding ciphertext. By using a particular key, we can create any one of many different ciphertexts for the exact same message. And if we know the correct key, we can transform the ciphertext back into the original message. By supporting a vast number of different key possibilities (a large keyspace), we hope to make it impossible for someone to decipher the message by trying every key in a brute force attack.
In cryptography we have various kinds of keys, including a User Key (the key which a user actually remembers), which may be the same as an Alias Key (the key for an alias file which relates correspondent names with their individual keys). We may also have an Individual Key (the key actually used for a particular correspondent); a Message Key (normally a random value which differs for each and every message); a Running Key (the confusion sequence in a stream cipher, normally produced by a random number generator); and perhaps other forms of key as well.
In general, the value of a cryptographic key is used to initialize the state of a cryptographic mechanism.
Ideally, a key will be an equiprobable selection among a huge number of possibilities. This is the fundamental strength of cryptography, the "needle in a haystack" of false possibilities. But if a key is in some way not a random selection, but is instead biased, the most-likely keys can be examined first, thus reducing the complexity of the search and the effective keyspace.
In most cases, a key will exhibit diffusion across the message; that is, changing even one bit of a key should change every bit in the message with probability 0.5. A key with lesser diffusion may succumb to some sort of divide and conquer attack.
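Measuring key diffusion, as an added example that is not part of the glossary: flip each key bit in turn and record what fraction of the output bits change. HMAC-SHA256 stands in for a keyed transformation with good diffusion, and a bare XOR of key and message stands in for one where each key bit reaches only one output bit; both stand-ins, the key and the message are this example's constructions.

```python
# Added example, not from the glossary: measuring how much of the output changes
# when a single key bit is flipped (diffusion of the key across the output).
import hashlib
import hmac

def strong_transform(key: bytes, message: bytes) -> bytes:
    """Stand-in keyed transformation with good diffusion."""
    return hmac.new(key, message, hashlib.sha256).digest()

def weak_transform(key: bytes, message: bytes) -> bytes:
    """Additive combiner: each key bit touches exactly one output bit."""
    return bytes(k ^ m for k, m in zip(key, message))

def changed_fraction(a: bytes, b: bytes) -> float:
    """Fraction of bit positions in which a and b differ."""
    return sum(bin(x ^ y).count("1") for x, y in zip(a, b)) / (8 * len(a))

def key_diffusion(transform, key: bytes, message: bytes) -> list:
    """For each key bit in turn, flip only that bit and record the fraction of
    output bits that changed relative to the unmodified key."""
    base = transform(key, message)
    fractions = []
    for bit in range(8 * len(key)):
        flipped = bytearray(key)
        flipped[bit // 8] ^= 1 << (bit % 8)
        fractions.append(changed_fraction(base, transform(bytes(flipped), message)))
    return fractions

def summarize(fractions: list) -> dict:
    """Worst, average and best case over all single-bit key changes."""
    return {"min": min(fractions),
            "mean": sum(fractions) / len(fractions),
            "max": max(fractions)}

KEY = bytes(range(32))          # constructed 256-bit key
MESSAGE = b"message-" * 4       # constructed 32-byte message

if __name__ == "__main__":
    for name, transform in (("HMAC-SHA256", strong_transform), ("XOR", weak_transform)):
        print(name, summarize(key_diffusion(transform, KEY, MESSAGE)))
```

A transformation with the diffusion the entry asks for lands near 0.5 for every key bit; the XOR combiner changes exactly 1 of 256 output bits per key bit, which is the structure a divide and conquer attack exploits, since each key bit can then be recovered independently.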
Key Distribution Problem
The problem of distributing keys to both ends of a communication path, especially in the case of secret key ciphers, since secret keys must be transported and held in absolute secrecy. Also the problem of distributing vast numbers of keys, if each user is given a separate key.
Although this problem is supposedly "solved" by the advent of the public key cipher, in fact, the necessary public key validation is almost as difficult as the original problem. Although public keys can be exposed, they must represent who they claim to represent, or a "spoofer" or man-in-the-middle can operate undetected.
Nor does it make sense to give each individual a separate secret key, when a related group of people would have access to the same files anyway. Typically, a particular group has the same secret key, which will of course be changed when any member leaves. Typically, each individual would have a secret key for each group with whom he or she associates.
Keyspace
The number of distinct key-selected transformations supported by a particular cipher. Normally described in terms of bits, as in the number of bits needed to count every distinct key. This is also the amount of state required to support a state value for each key. The keyspace in bits is the log2 (the base-2 logarithm) of the number of different keys, provided that all keys are equally probable.
Cryptography is based on the idea that if we have a huge number of keys, and select one at random, The Opponents generally must search about half of the possible keys to find the correct one; this is a brute force attack. Although brute force is not the only possible attack, it is the one attack which will always exist. Therefore, the ability to resist a brute force attack is normally the "design strength" of a cipher. All other attacks should be made even more expensive. To make a brute force attack expensive, a cipher simply needs a keyspace large enough to resist such an attack. Of course, a brute force attack may use new computational technologies such as DNA or "molecular computation." Currently, 120 bits is large enough to prevent even unimaginably large uses of such new technology.
It is probably just as easy to build efficient ciphers which use huge keys as it is to build ciphers which use small keys, and the cost of storing huge keys is probably trivial. Thus, large keys may be useful when this leads to a better cipher design, perhaps with less key processing. Such keys, however, cannot be considered better at resisting a brute force attack than a 120-bit key, since 120 bits is already sufficient.
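The two quantitative claims in the Key and Keyspace entries, that a brute force search of equiprobable keys costs about half the keyspace and that a biased key selection lets the most-likely keys be tried first, as an added example that is not from the glossary. The probability tables are constructed, and "effective keyspace bits" (the size of a uniform keyspace with the same expected search cost) is this example's own definition, not a term from the glossary.

```python
# Added example, not from the glossary: brute-force cost for equiprobable versus
# biased key selection. All distributions below are constructed.
import math

def keyspace_bits(num_keys: int) -> float:
    """log2 of the number of keys; a strength measure only when keys are uniform."""
    return math.log2(num_keys)

def expected_trials(probabilities: list) -> float:
    """Expected number of keys tested when the attacker tries them most-likely
    first. For uniform keys this is (N + 1) / 2, i.e. about half the keyspace."""
    ordered = sorted(probabilities, reverse=True)
    return sum((i + 1) * p for i, p in enumerate(ordered))

def effective_keyspace_bits(probabilities: list) -> float:
    """Bits of a uniform keyspace whose brute-force cost equals this distribution's
    (this example's definition): solve (N + 1) / 2 = expected trials for N."""
    return math.log2(2 * expected_trials(probabilities) - 1)

def uniform(num_keys: int) -> list:
    return [1.0 / num_keys] * num_keys

def skewed(num_keys: int, favourite_mass: float) -> list:
    """One key chosen with probability favourite_mass, the rest equally likely."""
    rest = (1.0 - favourite_mass) / (num_keys - 1)
    return [favourite_mass] + [rest] * (num_keys - 1)

def from_counts(counts: dict) -> list:
    """Turn observed key frequencies (e.g. how often each user-chosen key was
    seen in a survey) into the probabilities the attacker would rank by."""
    total = sum(counts.values())
    return [c / total for c in counts.values()]

if __name__ == "__main__":
    for label, dist in (("uniform", uniform(1024)), ("half the users pick one key", skewed(1024, 0.5))):
        print(f"{label}: {expected_trials(dist):.1f} trials, "
              f"{effective_keyspace_bits(dist):.2f} effective bits of 10")
```

With 1024 equiprobable keys the search costs 512.5 trials on average; if half of all users pick the same key, the attacker who tries it first needs 257, which is why the entry treats a biased key as a smaller keyspace than its bit count suggests.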
Keyed Substitution
Two substitution tables of the same size with the same values can differ only in the ordering or permutation of the values in the tables. A huge keying potential exists: The typical "n-bit-wide" substitution table has 2^n elements, and (2^n)! ("two to the nth factorial") different permutations or key possibilities. A single 8-bit substitution table has a keyspace of 1648 bits.
A substitution table is keyed by creating a particular ordering from each different key. This can be accomplished by shuffling the table under the control of a random number generator which is initialized from the key.
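Keying a substitution table by shuffling it under a key-initialized random number generator, as an added example that is not the glossary's code. The generator is a stand-in (SHA-256 over key || counter) so that the example needs only the standard library; the Fisher-Yates shuffle draws each index by rejection sampling so that no table position is favoured, and keyspace_bits evaluates log2((2^n)!) with the log-gamma function so that the figure can be checked for any width.

```python
# Added example, not from the glossary: keying a substitution table by shuffling
# it under a random number generator seeded from the key. key_stream is a
# constructed stand-in for the cipher's own keyed RNG.
import hashlib
import math

def key_stream(key: bytes):
    """Deterministic byte stream derived from the key (stand-in RNG)."""
    counter = 0
    while True:
        for b in hashlib.sha256(key + counter.to_bytes(4, "big")).digest():
            yield b
        counter += 1

def rand_below(stream, n: int) -> int:
    """Unbiased integer in [0, n): reject draws from the incomplete last range
    instead of reducing them mod n, which would favour the low positions."""
    nbytes = (n.bit_length() + 7) // 8
    limit = (256 ** nbytes // n) * n
    while True:
        v = int.from_bytes(bytes(next(stream) for _ in range(nbytes)), "big")
        if v < limit:
            return v % n

def keyed_table(key: bytes, width: int = 8) -> list:
    """Fisher-Yates shuffle of the identity table 0..2^width-1 under the key
    stream. Every one of the (2^width)! orderings is reachable this way."""
    table = list(range(1 << width))
    stream = key_stream(key)
    for i in range(len(table) - 1, 0, -1):
        j = rand_below(stream, i + 1)
        table[i], table[j] = table[j], table[i]
    return table

def invert(table: list) -> list:
    """Inverse table, needed to undo the substitution."""
    inverse = [0] * len(table)
    for i, v in enumerate(table):
        inverse[v] = i
    return inverse

def keyspace_bits(width: int) -> float:
    """log2((2^width)!) via the log-gamma function, since the factorial is huge."""
    return math.lgamma((1 << width) + 1) / math.log(2)

if __name__ == "__main__":
    table = keyed_table(b"example key A")
    print("first 8 entries:", table[:8])
    for width in (4, 8):
        print(f"{width}-bit table: {keyspace_bits(width):.2f} bits of keyspace")
```

The same key always yields the same ordering, different keys yield different orderings, and the inverse table decodes every entry; the rejection step matters because a plain modulo reduction would make some permutations more likely than others, which is a bias in the key selection.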
Known Plaintext Attack
A type of attack in which the cryptanalyst has some quantity of related plaintext and ciphertext. This allows the ciphering transformation to be examined directly.
A known plaintext attack is especially dangerous to the usual stream cipher which has an additive combiner, because the known plaintext can be "subtracted" from the ciphertext, thus completely exposing the confusion sequence. This is the sequence produced by the cryptographic random number generator, and can be used to attack that generator. This sort of attack can generally be prevented by using a Dynamic Substitution Combiner instead of the usual additive combiner.
It is surprisingly reasonable that The Opponent might well have some known plaintext (and related ciphertext): This might be the return address on a letter, a known report, or even some suspected words. Sometimes the cryptosystem will carry unauthorized messages like birthday greetings which are then exposed, due to their apparently innocuous content.
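The "subtraction" the entry warns about, as an added example that is not part of the glossary: with an XOR combiner, plaintext XOR ciphertext over the known positions is exactly the confusion sequence, while a Dynamic Substitution combiner (output the table entry for the plaintext byte, then exchange that entry with one chosen by the RNG) gives the same subtraction only table outputs rather than RNG values. Python's random.Random stands in for the cipher's cryptographic RNG and is not one; the key and the message are constructed.

```python
# Added example, not from the glossary: known plaintext against an additive (XOR)
# combiner beside a Dynamic Substitution combiner. random.Random is a stand-in
# for the cryptographic random number generator, not a cryptographic RNG.
import random

def confusion_sequence(key: int):
    """Stand-in for the cryptographic random number generator keyed by `key`."""
    rng = random.Random(key)
    while True:
        yield rng.getrandbits(8)

def keystream_prefix(key: int, n: int) -> bytes:
    seq = confusion_sequence(key)
    return bytes(next(seq) for _ in range(n))

def xor_cipher(key: int, data: bytes) -> bytes:
    """Additive combiner: the same call encrypts and decrypts."""
    return bytes(d ^ k for d, k in zip(data, confusion_sequence(key)))

def expose_confusion(known_plaintext: bytes, ciphertext: bytes) -> bytes:
    """Known-plaintext "subtraction": with an additive combiner the result is
    exactly the confusion sequence for those positions."""
    return bytes(p ^ c for p, c in zip(known_plaintext, ciphertext))

class DynamicSubstitution:
    """Substitution-table combiner: emit table[p], then exchange the just-used
    entry with one selected by the RNG, so the table keeps changing."""
    def __init__(self, key: int):
        self.rng = random.Random(key)
        self.table = list(range(256))
        self.rng.shuffle(self.table)             # keyed initial ordering
        self.inverse = [0] * 256
        for i, v in enumerate(self.table):
            self.inverse[v] = i

    def _exchange(self, i: int, j: int) -> None:
        ti, tj = self.table[i], self.table[j]
        self.table[i], self.table[j] = tj, ti
        self.inverse[tj], self.inverse[ti] = i, j

    def encrypt(self, plaintext: bytes) -> bytes:
        out = bytearray()
        for p in plaintext:
            out.append(self.table[p])
            self._exchange(p, self.rng.getrandbits(8))
        return bytes(out)

    def decrypt(self, ciphertext: bytes) -> bytes:
        out = bytearray()
        for c in ciphertext:
            p = self.inverse[c]
            out.append(p)
            self._exchange(p, self.rng.getrandbits(8))   # mirror the encryptor's exchange
        return bytes(out)

KEY = 0x5EED                                                  # constructed key
MESSAGE = b"Happy birthday! The quarterly report is attached."  # constructed; the first words are guessable

if __name__ == "__main__":
    ct = xor_cipher(KEY, MESSAGE)
    print("XOR combiner leaks RNG output:",
          expose_confusion(MESSAGE[:16], ct[:16]) == keystream_prefix(KEY, 16))
    ct2 = DynamicSubstitution(KEY).encrypt(MESSAGE)
    print("same subtraction on Dynamic Substitution gives RNG output:",
          expose_confusion(MESSAGE[:16], ct2[:16]) == keystream_prefix(KEY, 16))
```

Sixteen bytes of guessed greeting are enough to hand the Opponent sixteen exact generator outputs from the XOR cipher; the dynamic table stands between the RNG and the ciphertext, which is the property the entry credits for preventing this sort of attack.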
Kolmogorov-Smirnov
In statistics, a goodness of fit test used to compare two distributions of ordinal data, where measurements may be re-arranged and placed in order. Also see chi-square.
n independent samples are collected and arranged in numerical order in array X as x[0] ... x[n-1].
S(x[j]) is the fraction of the n observations which are less than or equal to x[j]; in the ordered array this is just ((j+1)/n).
F(x) is the reference cumulative distribution, the probability that a random value will be less than or equal to x. Here we want F(x[j]), the fraction of the distribution to the left of x[j], which is a value from the array.
The "one-sided" statistics are:
   K+ = SQRT(n) * MAX( S(x[j]) - F(x[j]) )
      = SQRT(n) * MAX( ((j+1)/n) - F(x[j]) )
   K- = SQRT(n) * MAX( F(x[j]) - S(x[j]) )
      = SQRT(n) * MAX( F(x[j]) - (j/n) )
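The K+ and K- statistics computed exactly as the entry defines them, as an added example that is not from the glossary, against the uniform reference distribution on [0, 1). The samples are constructed so that the answers can be checked by hand; the tail estimate P(K > t) ~ exp(-2t^2) is the large-n limit for a one-sided statistic and is this example's addition, not part of the entry.

```python
# Added example, not from the glossary: the one-sided Kolmogorov-Smirnov
# statistics K+ and K- for n samples against a reference CDF F.
import math

def ks_one_sided(samples, cdf):
    """Return (K+, K-). Sort the n samples so that S(x[j]) = (j+1)/n, compare with
    F(x[j]) from above and from below, and scale both maxima by sqrt(n)."""
    xs = sorted(samples)
    n = len(xs)
    k_plus = max((j + 1) / n - cdf(x) for j, x in enumerate(xs))
    k_minus = max(cdf(x) - j / n for j, x in enumerate(xs))
    return math.sqrt(n) * k_plus, math.sqrt(n) * k_minus

def uniform_cdf(x: float) -> float:
    """F(x) for the uniform distribution on [0, 1)."""
    return min(max(x, 0.0), 1.0)

def tail_probability(k: float) -> float:
    """Asymptotic P(K+ > k) under the null hypothesis (the same holds for K-):
    a large statistic is unlikely if the samples really follow F."""
    return math.exp(-2.0 * k * k)

def evenly_spread(n: int) -> list:
    """Constructed sample that follows the uniform reference as closely as possible."""
    return [(j + 0.5) / n for j in range(n)]

def skewed_low(n: int) -> list:
    """Constructed sample whose values pile up near 0 (squares of an even spread)."""
    return [((j + 1) / n) ** 2 for j in range(n)]

if __name__ == "__main__":
    for label, sample in (("evenly spread", evenly_spread(100)), ("skewed low", skewed_low(100))):
        kp, km = ks_one_sided(sample, uniform_cdf)
        print(f"{label}: K+ = {kp:.3f} (P ~ {tail_probability(kp):.3g}), "
              f"K- = {km:.3f} (P ~ {tail_probability(km):.3g})")
```

For the four-sample case [0.1, 0.4, 0.5, 0.9] the maxima are 0.25 and 0.15, so K+ = 0.5 and K- = 0.3; for the skewed sample K+ reaches 2.5, which the asymptotic tail puts far below any conventional significance level, the kind of result one would expect when a generator's output is tested against the distribution it is supposed to produce and fails.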